package com.jasonchoi.security;

import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;


/**
 * @Author: JasonChoi
 * @Date: 2019/12/31 11:21
 */
@RequestMapping
@Controller
public class HelloController {

    @GetMapping
    @ResponseBody
    public String unsafe(){
        return "不需要授权";
    }

    @GetMapping("/hello")
    public String globalHello(){
        return "hello";
    }

    @GetMapping("/method/hello")
    @Secured("ROLE_ADMIN")                    //方法級別的授权  需开启@EnableGlobalMethodSecurity
    public String methodHello(){
        return "hello";
    }

    @GetMapping(value = "/login")
    public String login(){
        return "login";
    }
}
